On 15.04.2018 13:25, Robert Hickman wrote:
|Is it sufficient to concatenate the symbol file at the beginning of
the user code?|
\include does exactly that: read the contents of the included file verbatim.
Best, Simon
___
lilypond-user mailing list
lilypond-user@gnu.org
https://lists.gnu.org/mailman/listinfo/lilypond-user

Thanks, -dsafe looks like the simplest to use but 'In addition, safe mode
disallows \include' which I need to use the symbol file. Is it sufficient
to concatenate the symbol file at the beginning of the user code?
On 15 April 2018 at 11:45, Malte Meyn wrote:
>
>
> Am 15.04.2018 um 12:41 schrieb Robert Hickman:
>
>> Second thought: (see my previous, sorry about double posting).
>>
>> What are the risks of integrating lillypond into a CMS from a security
>> perspective, does it allow you to run shell commands for instance? I will
>> not be exposing this publicly, just to the admin interface only I use. I
>> like to know what exploits anything I use could expose howeaver.
>>
>
> Have a look at the options --jail and -dsafe at
> http://lilypond.org/doc/v2.19/Documentation/usage-big-page.html
>
> ___
> lilypond-user mailing list
> lilypond-user@gnu.org
> https://lists.gnu.org/mailman/listinfo/lilypond-user
>
___
lilypond-user mailing list
lilypond-user@gnu.org
https://lists.gnu.org/mailman/listinfo/lilypond-user

Am 15.04.2018 um 12:41 schrieb Robert Hickman:
Second thought: (see my previous, sorry about double posting).
What are the risks of integrating lillypond into a CMS from a security
perspective, does it allow you to run shell commands for instance? I
will not be exposing this publicly, just to the admin interface only I
use. I like to know what exploits anything I use could expose howeaver.
Have a look at the options --jail and -dsafe at
http://lilypond.org/doc/v2.19/Documentation/usage-big-page.html
___
lilypond-user mailing list
lilypond-user@gnu.org
https://lists.gnu.org/mailman/listinfo/lilypond-user